← Cybersecurity Alphabet Soup

DAST

Dynamic Application Security Testing

appsecmedium

DAST tools test a running application from the outside, sending crafted requests and observing responses the way an attacker would. They run later in the lifecycle, typically against staging or test environments, and find issues like injection, misconfiguration, and broken authentication. Because they need no source code access, they work on any deployed app, but they cannot point to the exact line of code at fault.

Sources

More in appsec